Planning an Event?

Let us cater your special occasion with our delicious menu

Get Quote
Logo Dwish

Mentions légales & Politiques

title: "Privacy Policy – Dwish" description: "Privacy Policy for the Dwish Click & Collect website."

Privacy Policy

Privacy Policy – Dwish

Last updated: November 1, 2025

This Privacy Policy describes how Dwish collects, uses, and protects the personal information of users of its Click & Collect service.

1. Data Controller

The data controller is:

Dwish

Dwish EURL (trading as: Dwish)

🌐 https://dwish.fr

📧Email

☎️ 07 67 10 30 14

🏠 2 Rue Edmond Rostand, 13006 Marseille

2. Data Collected

We only collect data necessary for the operation of our service:

  • Identification information: name, surname, phone number, email address.
  • Order-related information: dishes ordered, date and time, total amount, selected restaurant.
  • Pickup preferences: chosen time slot and specific instructions.
  • Technical data: device type, browser, IP address (for security and service optimization).
  • Web font data: IP address may be transmitted to Google when loading fonts (Google Fonts).

No sensitive data is collected.

3. Purposes of Processing

Your data is used to:

  • Manage your online orders and ensure their preparation and pickup.
  • Communicate order confirmations, receipts, and service updates.
  • Manage user accounts and preferences.
  • Comply with legal and accounting obligations.

4. Legal Basis for Processing

Processing is based on:

  • Contractual necessity (management and execution of orders).
  • Legal obligations (invoicing, archiving).
  • Legitimate interest (service improvement and fraud prevention).
  • Consent, when necessary (e.g., optional notifications).

5. Retention Period

  • Account and order data: 3 years after the last interaction.
  • Billing and accounting data: 10 years (legal obligations).
  • Contact or support requests: 1 year after resolution.

6. Recipients of Data

Access to your data is limited to:

  • Dwish internal teams (orders, support, management).
  • Partner restaurants that prepare your order.
  • Trusted service providers, including:
    • Clerk (authentication and session management)
    • PayGreen / Stripe (payment processing)
    • Vercel (application hosting and deployment)
    • MongoDB Atlas (database, hosted in the EU)
    • Resend (transactional email delivery)
    • Upstash (message queue and cache)
    • IONOS (domain name management)

Your data is not sold or shared for commercial purposes.

7. Data Security

We implement appropriate technical and organizational measures:

  • Secure HTTPS connection;
  • Encrypted storage in the database;
  • Access controls and authentication;
  • Regular backups and monitoring.

8. Your Rights

In accordance with the GDPR, you can:

  • Access your personal data;
  • Rectify any inaccurate information;
  • Request the deletion of your data ("right to be forgotten");
  • Object to or restrict processing;
  • Receive your data in a portable format.

To exercise your rights: Email: contact@dwish.fr

9. Transfers Outside the EU

Some service providers are US companies that may process data outside the European Union, including:

  • Vercel (hosting)
  • Resend (transactional emails)
  • Upstash (message queue and cache)

These transfers are governed by Standard Contractual Clauses approved by the European Commission, in compliance with the GDPR.

IONOS (domain management) is a European company: no data transfers outside the EU occur in this context.

10. Changes to the Policy

This policy may be updated. Changes will be published on this page and will take effect upon their online publication.

📧Email

🏠 2 Rue Edmond Rostand, 13006 Marseille